Virtualize More in 2012 with HyTrust: Boost Data Center Efficiency and Consolidation Ratios Securely and Proactively
1. Virtualize More in 2012 with HyTrust
Boost Data Center Efficiency and Consolidation Ratios Securely
and Proactively
First in a three-part series for IT and Security professionals responsible for
virtualization and data center architecture, management, and optimization
1975 W. El Camino Real, Suite 203, Mountain View, CA 94040 Phone: 650-681-8100 / email: info@hytrust.com
2. Overview
Speakers
What are the key business drivers for the virtualization security blueprint?
What are the pitfalls to avoid as we virtualize more mission-critical
applications, more securely this year?
What guidance and best practices can you share for planning and
undertaking these virtualization initiatives?
Summary
Q&A
3. Speakers
Billy Cox, Cloud strategy - Software and Services Group
Intel
Iben Rodriguez, Cloud Infrastructure Security Architect
eBay
Eric Chiu, President & Co-Founder
HyTrust
4. Cloud 2015 Vision
Federated: Share data securely across public and private clouds
Automated: Dynamically allocate resources
Client Aware: Optimizing services based on device capability
Desktops, Laptops, Netbooks, Personal Devices, Smartphones, Smart TVs, Embedded
Open, Interoperable Solutions Essential
5. From Usage Model to Proven Solution
A security example
Define: …the strategy to address IT challenge via usage model
Enable: …the usage model in the ecosystem
Prove: …the usage model delivers the value
Scale: …deployments with ecosystem
Pain Points; Solution Stacks; Prove out in lab; Intel® Cloud Builders Reference architecture
[Diagram labels: Enterprise Vulnerabilities; Intel® Cloud Builders Usage Model; Execute End User IT POCs; stack of Applications, Management, OS, Policy Engine, VMM, Chipset, CPU]
• Trusted Pools
• Compliance Reporting
6. Iben Rodriguez
Cloud Information Security Infrastructure Architect
1. Cloud Infrastructure Security Architect who got his start in data networks for the military and now designs and delivers complex projects for international pharmaceutical, semiconductor, and ecommerce companies and many government organizations.
2. Has worked closely with Red Hat, VMware, and the Center for Internet Security, and kicked off and maintains the Benchmark for vSphere ESX hardening. Has also been selected as a vExpert by VMware since 2009.
3. Enterprise security and virtual infrastructure design leader dealing with ITIL, SOX, PCI-DSS, and ISO27000 assessments and remediation.
4. Presents on virtualization security at many conferences including MISTI, AppCon, InfoSec Cloud, Network World, SANS, and VMworld, and publishes at www.ibenit.com and www.vadapt.com
5. Expert in integration of virtual security infrastructure components such as Splunk, Nicira NVP, Vyatta, Cisco Nexus 1000v, HyTrust, SilverPeak, and NMAP
10. Key Drivers - Business Trends
Virtualize More…
In analyst research of CIO top priorities for 2012, 40% picked virtualization as one of their top three.
Analyst research shows the market is now 52% virtualized, with many organizations aiming to be 75% virtualized by 2014.*
* Forrester Research, CISO’s Guide to Virtualization Security
11. Key Drivers - Business Trends
Virtualize More Securely…
Security and tier-one apps consistently hold down ratios.+
40% of virtualization deployments are undertaken WITHOUT information security team input.++
+ Jeff Burt, eWeek, 2009
++ Forrester Research, CISO’s Guide to Virtualization Security
12. Key Drivers - Business Trends
Virtualize More…
More Securely…
With Less!
Forrester Research CISO’s Guide to Virtualization Security
13. Key Drivers - Virtualization / Cloud Security Situation
“By 2015, 40% of the security controls used within enterprise data centers will be virtualized, up from less than 5% in 2010.” [1]
“There will be more virtual machines deployed on servers during 2011 than in 2001 through 2009 combined” [2]
“Virtualization increases security risk by 60%.” [1]
[1] Gartner; “From Secure Virtualization to Secure Private Clouds”; Neil MacDonald & Thomas J. Bittman; 13 October 2010
[2] Gartner; “Q&A: Six Misconceptions About Server Virtualization”; Thomas J. Bittman; 29 July 2010
14. Key Drivers - Proactively Protect and Secure Your IP
87%: Percentage of companies that have experienced a data breach (IT Compliance Institute)
48%: Percent of all breaches that involved privileged user misuse (Verizon report, 2010)
74%: Percentage of breached companies who lost customers as a result of the breach (IT Compliance Institute)
16. Best Practices and Guidance - Security
Planning for security in the virtual datacenter
Business drivers including compliance requirements
New role of IT in the cloud
Strategy and Framework (and org expectations)
Planning and discovery into the environment is critical
What are the big wins (ref architecture, single roadmap, global
scalability, single portal…)
17. Best Practices and Guidance - Virtualization
On the Virtualization side, where are things going?
Managing Talent – separation of duties among experts (or cloud
admin “super generalist”)
Private cloud adoption and IT as a service
Mix mode versus air gaps
19. Best Practices and Guidance - Getting Started
How To Get Started with Virtualization Security
Strive for virtual security that is equal to or better than the traditional
security in your environment.
Consider the following:
Apply the “Zero Trust” model of information security to your network
architecture
Consider virtualization-aware security solutions
Implement privileged identity management
Incorporate vulnerability management into the virtual server environment
20. Summary – Why You? Why Now?
Why do this now?
Proactive collaborative approach to Security planning and architecture
Leverage virtualization ROI and payback periods while advancing security, compliance…
Align these actionable measures to larger initiatives (from CIO survey)